Pretty colours :)
All works, Only issues ive spotted:
1. changing syslog facility does nothing in observium, is this correct?
2. Keeps puttying login as the program, BUT login is actually part of the message, as it should read, ‘login failure for user...'
[2018/03/23 12:37:57 +0000] syslog.php(25820): Virtuozzo||daemon||0||emerg||18||2018-03-23 12:37:57||failure for user admin from 62.xxx.xxx.138 via winbox||login [2018/03/23 12:38:01 +0000] syslog.php(25820): Virtuozzo||daemon||1||alert||19||2018-03-23 12:38:01||failure for user admin from 62.xxx.xxx.138 via winbox||login [2018/03/23 12:38:05 +0000] syslog.php(25820): Virtuozzo||daemon||2||crit||1a||2018-03-23 12:38:05||failure for user admin from 62.xxx.xxx.138 via winbox||login [2018/03/23 12:38:13 +0000] syslog.php(25820): Virtuozzo||daemon||3||err||1b||2018-03-23 12:38:13||failure for user admin from 62.xxx.xxx.138 via winbox||login [2018/03/23 12:38:20 +0000] syslog.php(25820): Virtuozzo||daemon||4||warning||1c||2018-03-23 12:38:20||failure for user admin from 62.xxx.xxx.138 via winbox||login [2018/03/23 12:38:24 +0000] syslog.php(25820): Virtuozzo||daemon||5||notice||1d||2018-03-23 12:38:24||failure for user admin from 62.xxx.xxx.138 via winbox||login [2018/03/23 12:38:29 +0000] syslog.php(25820): Virtuozzo||daemon||6||info||1e||2018-03-23 12:38:29||failure for user admin from 62.xxx.xxx.138 via winbox||login [2018/03/23 12:38:33 +0000] syslog.php(25820): Virtuozzo||daemon||7||debug||1f||2018-03-23 12:38:33||failure for user admin from 62.xxx.xxx.138 via winbox||login
Simon
On 23 Mar 2018, at 12:24, Mike Stupalov mike@observium.org wrote:
Can you show me more hidpi image? I'm not see what in tag parts :)
Markus Klock wrote:
Oh, ok, looks like this for me. core-router 1/2 = Juniper MX80 hq-sw = HP Procurve rack-sw1 = Cisco Catalyst
/Markus
2018-03-23 12:55 GMT+01:00 Mike Stupalov <mike@observium.org mailto:mike@observium.org>:
Image seems as not included in previous mail..
Markus Klock wrote:
How is it supposed to look? and what are the tags? /Markus
2018-03-23 12:16 GMT+01:00 Mike Stupalov <mike@observium.org
<mailto:mike@observium.org mailto:mike@observium.org>>:
Try latest revision, this should be fixed.
if you find more syslog parse errors, also attach this debug
lines for
example.
Simon Mousey Smith wrote:
Hi
Glad to be of help
I have restarted the syslog-ng to refresh the syslog.php
file is uses
but same thing, every so often is just puts stuff in thats NOT
even related to the actually entry?
Looking forward to improvement :)
Regards
Simon
On 23 Mar 2018, at 09:15, Mike Stupalov
<mike@observium.org mailto:mike@observium.org
<mailto:mike@observium.org mailto:mike@observium.org>> wrote:
Tnx, I will fix this soon..
Simon Mousey Smith wrote:
Hi,
I have the debug.log enabled for the syslog
The lines for those entries show:
[2018/03/23 07:48:39 +0000] syslog.php(30578): 217.149.xx.2||user||5||notice||0d||2018-03-23
07:48:39||dhcp105
assigned 192.168.58.84 to 80:BE:05:7A:73:6E||dhcp,info [2018/03/23 07:49:34 +0000] syslog.php(30578): 217.149.xx.2||user||5||notice||0d||2018-03-23
07:49:34||dhcp105
deassigned 192.168.58.77 from 1C:91:48:13:DE:A8||dhcp,info [2018/03/23 07:50:43 +0000] syslog.php(30578): 79.78.xx.117||user||5||notice||0d||2018-03-23
07:50:43||dhcp101
assigned 192.168.101.14 to E4:7D:BD:BB:09:37||dhcp,info [2018/03/23 07:51:09 +0000] syslog.php(30578): 217.149.xx.2||user||5||notice||0d||2018-03-23
07:51:09||dhcp105
deassigned 192.168.58.62 from 58:48:22:84:AA:DD||dhcp,info [2018/03/23 07:51:48 +0000] syslog.php(30578): 217.149.xx.2||user||5||notice||0d||2018-03-23
07:51:48||dhcp104
assigned 192.168.48.4 to 70:DE:E2:80:50:22||dhcp,info [2018/03/23 07:51:52 +0000] syslog.php(30578): 79.78.xx.105||user||5||notice||0d||2018-03-23 07:51:52||dhcp1
assigned
192.168.1.152 to AC:5F:3E:2F:95:57||dhcp,info
[2018/03/23 08:55:04 +0000] syslog.php(30578): 217.149.xx.2||user||5||notice||0d||2018-03-23
08:55:04||dhcp104
deassigned 192.168.48.59 from DC:41:5F:76:24:92||dhcp,info [2018/03/23 08:55:40 +0000] syslog.php(30578): 217.149.xx.2||user||5||notice||0d||2018-03-23
08:55:40||dhcp105
deassigned 192.168.58.79 from 40:98:AD:5C:23:B1||dhcp,info [2018/03/23 08:55:41 +0000] syslog.php(30578): 62.255.xx.138||user||5||notice||0d||2018-03-23
08:55:41||CompDHCP
assigned 10.0.0.222 to 4C:32:75:90:69:33||dhcp,info [2018/03/23 09:01:00 +0000] syslog.php(11824): 217.149.xx.2||user||5||notice||0d||2018-03-23
09:01:00||dhcp104
deassigned 192.168.48.5 from 00:CD:FE:8C:3B:D3||dhcp,info
The equipment are also mikrotik switches
Anything else you require?
Regards
Simon
> On 23 Mar 2018, at 09:07, Adam Armstrong
<adama@memetic.org mailto:adama@memetic.org
<mailto:adama@memetic.org mailto:adama@memetic.org>
> <mailto:adama@memetic.org mailto:adama@memetic.org
<mailto:adama@memetic.org mailto:adama@memetic.org>>> wrote:
> > Mike has been rejigging some of the syslog code. > > You probably need to be more specific about where these
syslog
> messages are coming from, though. > > Adam. > > Sent from BlueMail <http://www.bluemail.me/r?b=12512
http://www.bluemail.me/r?b=12512
http://www.bluemail.me/r?b=12512>>
> On 23 Mar 2018, at 09:00, Simon Mousey Smith > <simonsmith5521@gmail.com
mailto:simonsmith5521@gmail.com <mailto:simonsmith5521@gmail.com mailto:simonsmith5521@gmail.com>
<mailto:simonsmith5521@gmail.com
mailto:simonsmith5521@gmail.com
<mailto:simonsmith5521@gmail.com
mailto:simonsmith5521@gmail.com>>> wrote:
> > Hi All > > Has anybody else seen this recently in an SVN update? > > For some reason the syslog is only show part of a syslog
message
> from our switches and inserting into observium? > > Also where has this [Program][Tags] appeared from? > > Regards > > Simon > >
------------------------------------------------------------------------> > observium mailing list > observium@observium.org
mailto:observium@observium.org <mailto:observium@observium.org mailto:observium@observium.org>
<mailto:observium@observium.org
mailto:observium@observium.org <mailto:observium@observium.org mailto:observium@observium.org>>
>
http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
<http://postman.memetic.org/cgi-bin/mailman/listinfo/observiumhttp://postman.memetic.org/cgi-bin/mailman/listinfo/observium>
> > _______________________________________________ > observium mailing list > observium@observium.org mailto:observium@observium.org
<mailto:observium@observium.org mailto:observium@observium.org>
<mailto:observium@observium.org
mailto:observium@observium.org <mailto:observium@observium.org mailto:observium@observium.org>>
>
http://postman.memetic.org/cgi-bin/mailman/listinfo/observium http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
<http://postman.memetic.org/cgi-bin/mailman/listinfo/observiumhttp://postman.memetic.org/cgi-bin/mailman/listinfo/observium>
observium mailing list observium@observium.org mailto:observium@observium.org
<mailto:observium@observium.org mailto:observium@observium.org>
http://postman.memetic.org/cgi-bin/mailman/listinfo/observium http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
<http://postman.memetic.org/cgi-bin/mailman/listinfo/observiumhttp://postman.memetic.org/cgi-bin/mailman/listinfo/observium>
-- Mike Stupalov Observium Limited, http://observium.org _______________________________________________ observium mailing list observium@observium.org mailto:observium@observium.org
<mailto:observium@observium.org mailto:observium@observium.org>
http://postman.memetic.org/cgi-bin/mailman/listinfo/observium http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
<http://postman.memetic.org/cgi-bin/mailman/listinfo/observiumhttp://postman.memetic.org/cgi-bin/mailman/listinfo/observium>
observium mailing list observium@observium.org mailto:observium@observium.org
<mailto:observium@observium.org mailto:observium@observium.org>
http://postman.memetic.org/cgi-bin/mailman/listinfo/observium http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
<http://postman.memetic.org/cgi-bin/mailman/listinfo/observiumhttp://postman.memetic.org/cgi-bin/mailman/listinfo/observium>
-- Mike Stupalov Observium Limited, http://observium.org _______________________________________________ observium mailing list observium@observium.org mailto:observium@observium.org
<mailto:observium@observium.org mailto:observium@observium.org>
http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
<http://postman.memetic.org/cgi-bin/mailman/listinfo/observiumhttp://postman.memetic.org/cgi-bin/mailman/listinfo/observium>
observium mailing list observium@observium.org mailto:observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
-- Mike Stupalov Observium Limited, http://observium.org
observium mailing list observium@observium.org mailto:observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
-- Mike Stupalov Observium Limited, http://observium.org _______________________________________________ observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
